<?php
// include function files for this application
require_once('/home/domains/uny-con.com/public_html/uny-con_fns.php');
// start session which may be needed later
// start it now because it must go before headers
if (!session_id()) { session_start(); }

/*Convention Pre-Registration is closed
if ($conf['prereg_status'] == 'closed' && $_SESSION['admin'] != 't') {
	do_html_header('User registration page', gobig, $uny);
	echo "Convention pre-registration is closed. We'll see you the convention!";
	do_html_footer(no_news);
	exit;
	}
*/

//If the post vars are not set and the user is not logged in then they must be trying to create a new account with us so display the form with no modification.
if (empty($_POST) && !check_valid_user()) {
	do_html_header('User registration page', gobig, $uny);
	display_registration_form();
	do_html_footer(no_news);
	exit;
	}

//If _POST is empty and update is set then we need to get the users data and display the form for editing.
if (isset($_GET['update']) && empty($_POST) && check_valid_user()) {
	//Now if the user is an admin AND they have the requested_id set we are editing someonelse's info.
//	if ($_SESSION['admin'] == 't' && isset($_GET['requested_id'])) {
//		$values = get_user_info($_GET['requested_id']);
//		$values['update'] = $_GET['update'];
//		} else {
		$values=get_user_info($_SESSION['current_attendee_id']);
		$values['update'] = $_GET['update'];
		$values['event_day'] = get_con_attendance_day($_SESSION['current_attendee_id']);
		$values['reg_type'] = get_con_attendance_type($_SESSION['current_attendee_id']);
		$values['attendee_id'] = $_SESSION['current_attendee_id'];
//		}
	do_html_header('Update your profile', gobig, $uny);
	display_registration_form($values);
	do_html_footer(no_news);
	exit;
	}

  //If they are logged in and update is not set then they need to either logout to create a new profile or use the edit my info link. Or we may be adding a user as admin...
if (empty($_POST) && check_valid_user()) {
	if (isset($_GET['admin_add_user'])) {
		if (isset($_SESSION['current_attendee_id'])) $_SESSION['current_attendee_id'] = $_SESSION['attendee_id'];
		do_html_header('Administrative add user form', gobig, $uny);
		$values['admin_add_user'] = $_GET['admin_add_user'];
		display_registration_form($values);
		} else {
		do_html_header('Problem:', staysmall, $uny);
		echo 'It appears you have come to this page in error. You are still logged into the system. If you want to create a new profile please logout then create a new profile. If you wanted to edit your profile please use the menu to the left.';
		}
	do_html_footer(no_news);
	exit;
	}



//create short variable names
$values['first_name']=trim($_POST['first_name']);
$values['first_name']=ucwords($values['first_name']);
$values['last_name']=trim($_POST['last_name']);
$values['last_name']=ucwords($values['last_name']);
$values['organization']=trim($_POST['organization']);
$values['nickname']=trim($_POST['nickname']);
$values['address1']=trim($_POST['address1']);
$values['address2']=trim($_POST['address2']);
$values['city']=trim($_POST['city']);
$values['state']=trim($_POST['state']);
$values['zip']=trim($_POST['zip']);
$values['country']=trim($_POST['country']);
$values['areacode']=floatval($_POST['areacode']);
$values['phone3']=floatval($_POST['phone3']);
$values['phone4']=intval($_POST['phone4']);
$values['email_addr']=trim($_POST['email_addr']);
$values['email_addr']=strtolower($values['email_addr']);
$values['password']=trim($_POST['password']);
$values['password2']=trim($_POST['password2']);
$values['timestamp']=trim($_POST['timestamp']);
$values['username']=trim($_POST['username']);
$values['username']=strtolower($values['username']);
$values['rpga_number']=trim($_POST['rpga_number']);
$values['contact']=trim($_POST['contact']);
if (!$values['contact']) {$values['contact']="f";}
$values['partner_contact']=trim($_POST['partner_contact']);
if (!$values['partner_contact']) {$values['partner_contact']="f";}
$values['others_viewing']=trim($_POST['others_viewing']);
if (!$values['others_viewing']) {$values['others_viewing']="f";}
$values['update'] = $_POST['update'];
if (!empty($_POST['attendee_id']) && isset($_POST['attendee_id']))
	{ $values['attendee_id'] = $_POST['attendee_id']; }
$values['admin_mode'] = $_POST['admin_mode'];
if (isset($_POST['admin_add_user'])) $values['admin_add_user'] = $_POST['admin_add_user'];

//so admins do not have to enter some values
if ($values['admin_add_user'] == 'Y') {
	if (empty($values['username'])) {
		$values['username'] = stripslashes($values['last_name']);
		$values['username'] = str_replace("\'", "", $values['last_name']);
		$values['username'] = str_replace("'", "", $values['last_name']);
		$values['username'] = str_replace(" ", "", $values['last_name']);
		$values['username'] = strtolower($values['last_name']);
		$values['username'] = create_user_name($values['username']);
		}
	if (!isset($values['password']) || empty($values['password']))
		$values['password'] = generate_password(8,true,null);
	if (!isset($values['password2']) || empty($values['password2']))
		$values['password2'] = $values['password'];
	if (!isset($values['email_addr']) || empty($values['email_addr']))
		$values['email_addr'] = $values['username'].'@fakeemail.net';
	}
//Values only set for admins
if ($_SESSION['admin'] == 't') {
	$values['event_day'] = $_POST['event_day'];
	$values['reg_type'] = $_POST['reg_type'];
	if (isset($_POST['reg_cost'])) $values['reg_cost'] = $_POST['reg_cost'];
	if (!isset($_POST['reg_cost']) && isset($values['attendee_id'])) $values['reg_cost'] = get_con_amount_paid($values['attendee_id']);
	if (isset($_POST['special_entered'])) $values['special_entered'] = $_POST['special_entered'];
	}

//Set which fields are required
if ($_SESSION['admin'] != 't') {
	$required['first_name']=$values['first_name'];
	$required['last_name']=$values['last_name'];
	$required['address1']=$values['address1'];
	$required['city']=$values['city'];
	if ($values['country'] == 'United States' || $values['country'] == 'Canada') $required['state']=$values['state'];
	$required['zip']=$values['zip'];
	$required['country']=$values['country'];
	$required['email_addr']=$values['email_addr'];
	$required['password']=$values['password'];
	$required['password2']=$values['password2'];
	$required['username']=$values['username'];
	}

if ($_SESSION['admin'] == 't') {
	$required['first_name']=$values['first_name'];
	$required['last_name']=$values['last_name'];
	$required['country']=$values['country'];
	$required['password']=$values['password'];
	$required['password2']=$values['password2'];
	$required['username']=$values['username'];
	}

if ($values['update'] == 'Y') {
	unset($required['password'], $required['password2']);
	}

   // check forms filled in
   if (!filled_out($required))
   {
      do_html_header('Problem:', gobig, $uny);

      echo 'You forgot to fill in a required field.<br />';

      display_registration_form($values);
      do_html_footer(no_news);
      exit; 
   }    

   // email address not valid
   if (!valid_email($values['email_addr']) && $_SESSION['admin'] != 't')
   {
      do_html_header('Problem:', gobig, $uny);
      echo 'That is not a valid email address.  Please '
           .' try again.';
      display_registration_form($values);
      do_html_footer(no_news);
      exit;
   } 

   // passwords not the same 
   if ($values['password'] != $values['password2'])
   {
      do_html_header('Problem:', gobig, $uny);
      echo 'The passwords you entered do not match - please '
           .' try again.';
      display_registration_form($values);
      do_html_footer(no_news);
      exit;
   }

   // check password length is ok
   // ok if username truncates, but passwords will get
   // munged if they are too long.
if ($values['update'] != 'Y') {
	if (strlen($values['password'])<6 || strlen($values['password']) >16) {
	      do_html_header('Problem:', gobig, $uny);
		echo 'Your password must be between 6 and 16 characters.'
           .'Please try again.';
		display_registration_form($values);
		do_html_footer(no_news);
		exit;
		}
	}
   


  // attempt to register
	if ($values['admin_add_user'] == 'Y') {
		//Process event_day and figure out cost.
		if (!empty($values['event_day']) || !empty($values['reg_type'])) {
			if ($values['reg_type'] == 'staff' || $values['reg_type'] == 'exhibitor' || $values['reg_type'] == 'special guest') {
				$values['event_day'] = 'all week-end';
				$values['reg_cost'] = '0.00';
				}
			if (empty($values['event_day']) || empty($values['reg_type'])) {
				do_html_header('Problem:', staysmall, $uny);
				echo '<span class="redtext">You must select both a registration day '
					 .'and a registration type Please try again.</span><br />';
				display_registration_form($values);
				do_html_footer(news);
				exit;
				}
		if ($values['reg_type'] != 'special') $values['reg_cost'] = get_badge_cost($values['event_day'], $values['reg_type']);
		if (($values['reg_type'] == 'special') && (!isset($values['reg_cost']) || empty($values['reg_cost'])) && !isset($values['special_entered'])) {
			do_html_header('Enter special reg_cost', staysmall, $uny);
			print_special_cost_form($values);
			do_html_footer(news);
			exit;
			}

			}
		$reg_result = register($values);
		} elseif ($values['admin_mode'] == 'Y' && $values['update'] == 'Y') {
		$reg_result = register($values, $values['attendee_id']);
		}  else {
		$reg_result = register($values, $_SESSION['current_attendee_id']);
		}
	
     
	if ($reg_result === true && $values['update'] != 'Y' && $values['admin_add_user'] != 'Y') {
		// register session variable 
		login($values['username'], $values['password']);
		// provide link to members page
		header("Location: ".$conf['base_path']."registration/attendee_home.php");

//		do_html_header('Registration successful', $_SERVER['PHP_SELF']);
//		echo 'Your registration was successful.  Use menu on the left '
          //.'to submit and sign up for events';
//		print_brs(24);
//		do_html_footer();
		exit;
		}
	if ($reg_result === true && $values['update'] == 'Y') {
		$updated_id = $values['attendee_id'];
		if ($_SESSION['admin'] == 't' && $_SESSION['attendee_id'] != $_SESSION['current_attendee_id'])
			header("Location: ".$conf['base_path']."registration/attendee_home.php?attendee_id=$updated_id");
		if ($_SESSION['admin'] == 't' && $_SESSION['attendee_id'] == $_SESSION['current_attendee_id'])
			header("Location: ".$conf['base_path']."registration/attendee_home.php");
		if ($_SESSION['admin'] != 't')
			header("Location: ".$conf['base_path']."registration/attendee_home.php");
		exit;
		} 
		if ($values['update'] != 'Y' && $values['admin_add_user'] == 'Y') {
		$requested_id = $reg_result;
		header("Location: ".$conf['base_path']."registration/attendee_home.php?attendee_id=$requested_id");
		exit;
		} else {
		// otherwise display form and tell them to try again
		do_html_header('Problem:', gobig, $uny);
		echo $reg_result; 
		display_registration_form($values);
		do_html_footer(no_news);
		exit;
		}


?>
